On Tue, 27 Jul 2010 05:40:07 +0300 (EEST) Sampo Syreeni <[email protected]> wrote: > On 2010-07-26, Perry E. Metzger wrote: > > > I think that you may be right -- the entire TLS PKI model may be > > so horribly broken that, once you no longer have any real > > security to speak of, simply sharing a cert among hundreds of > > trust domains hardly harms anything further. > > I agree. But do we then have any quantitative research on how bad > this sort of sharing really is, in excess of the basic > cryptographic vulnerability?
I am not sure what quantitative measurement of vulnerability would even mean. What units would said quantity be measured in? Perry -- Perry E. Metzger [email protected] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
